[jcifs] Samba SMB password buffer overflow
Christopher R. Hertel
crh at ubiqx.mn.org
Sat Nov 27 11:34:04 MST 2010
What version of Samba are you running? Samba 2.0.x is ages old and has been
out of support for five or more years now.
You don't say what error you are getting.
Chris -)-----
Girish wrote:
> I am getting an error on Production Server.
> Every thing works perfectly on UAT.
> How do i update samba
> version or what setting i have to do.
>
>
> <filter>
> <filter-name>NtlmHttpFilter</filter-name>
> <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
>
>
> <init-param>
> <param-name>jcifs.http.domainController</param-name>
> <param-value>xxx</param-value>
> </init-param>
> <init-param>
> <param-name>jcifs.smb.client.domain</param-name>
> <param-value>xxx</param-value>
> </init-param>
> <init-param>
> <param-name>jcifs.smb.client.username</param-name>
> <param-value>xxx</param-value>
> </init-param>
> <init-param>
> <param-name>jcifs.smb.client.password</param-name>
> <param-value>xxx</param-value>
> </init-param>
> <init-param>
> <param-name>jcifs.util.loglevel</param-name>
> <param-value>10</param-value>
>
> </init-param>
>
>
> </filter>
>
> <filter-mapping>
>
> <filter-name>NtlmHttpFilter</filter-name>
>
> <url-pattern>/*</url-pattern>
>
> </filter-mapping>
>
>
>
> Samba SMB password buffer overflow
> (SMB password overflow)
> About this signature or vulnerability
> BlackICE:
> http://www.networkice.com/advice/Intrusions/2000504
>
> Default risk level
>
> High
>
> Sensors that have this signature
>
> BlackICE: 1.0
>
> Systems affected
>
> IBM AIX, WindRiver BSDOS, SGI IRIX, Linux Kernel,
> Sun Solaris, Samba Samba, IBM OS2, Microsoft
> Windows 95, Data General DG/UX,
> Microsoft Windows NT: 4.0,
> Microsoft Windows 98, Novell NetWare,
> SCO SCO Unix, Microsoft Windows 98SE,
> Microsoft Windows 2000, Cisco IOS,
> Microsoft Windows Me,
> Compaq Tru64, Microsoft Windows XP,
> SCO Caldera OpenLinux Lite: 1.1,
> SCO Caldera OpenLinux Base:
> 1.1, SCO Caldera OpenLinux Standard: 1.1,
> Apple Mac OS,
> Microsoft Windows 2003 Server
>
> Type
>
> Unauthorized Access Attempt
>
> Vulnerability description
>
> Samba NetBIOS is vulnerable to a buffer overflow attack.
> By submitting a specially formatted password
> that exceeds the length expected by Samba,
> an attacker can overflow a buffer and cause the server to
> execute arbitrary code on the system with root privileges.
> In order for an attacker to do this, a valid SMB
> session must be negotiated and
> a valid username must be used.
>
> How to remove this vulnerability
>
> Upgrade to the latest version of Samba (2.0.7 or later),
> available from the Samba Web site.
> See
> References.
>
> For Caldera OpenLinux Base 1.1, Lite 1.1 and Standard 1.1:
> Upgrade to the latest samba package (1.9.16p7-1 or later)
> as listed in Caldera Systems, Inc.
> Security
> Advisory SA-1997.24. See References.
>
> — OR —
>
> Upgrade to the lastest version of Samba (1.9.17p2 or later),
> as listed in CERT Vendor-Initiated Bulletin
> 97.10. See References.
>
> For other distributions:
> Contact your vendor for upgrade or patch information.
>
>
>
>
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the jCIFS
mailing list